Cisco Exam 300-215 Topic 3 Question 80 Discussion

Actual exam question for Cisco's 300-215 exam

Question #: 80
Topic #: 3

An engineer received a call to assist with an ongoing DDoS attack. The Apache server is being targeted, and availability is compromised. Which step should be taken to identify the origin of the threat?

AAn engineer should check the list of usernames currently logged in by running the command $ who | cut -- d' ' -f1| sort | uniq

BAn engineer should check the server's processes by running commands ps -aux and sudo ps -a.

CAn engineer should check the services on the machine by running the command service -status-all.

DAn engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/ log/apache2/access.log.

Show Suggested Answer

Suggested Answer: B

by Leonora at Jul 10, 2024, 07:08 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Chantell

10 days ago

That's a good point, Ricarda. It's important to consider all options before making a decision.

upvoted 0 times

...

Ricarda

11 days ago

I disagree, I believe option B is more effective. Checking the server's processes can give us insight into any suspicious activity.

upvoted 0 times

...

Chantell

12 days ago

I think option D is the best choice. Checking the last hundred entries of the web server can help identify the source of the attack.

upvoted 0 times

...

Alaine

13 days ago

I'm not sure, but I think option B could also be useful. Checking the server's processes might give us some clues about the attack.

upvoted 0 times

...

Sherman

14 days ago

I agree with Geoffrey. Option D seems like the most effective way to track down the source of the DDoS attack.

upvoted 0 times

...

Geoffrey

24 days ago

I think option D is the best choice. Checking the last hundred entries of the web server can help identify the origin of the threat.

upvoted 0 times

...